Enemy Action - The Distinctive Features Of Cyber Warfare

Uploaded on 2021-02-03 in TECHNOLOGY--Hackers, INTELLIGENCE--International, GOVERNMENT-Defence, FREE TO VIEW

Cyber warfare currently refers to the use of digital attacks, like computer viruses and hacking to take enemy system down. Future wars will see hackers using computer code to attack an enemy's infrastructure, fighting alongside troops using conventional weapons like guns and missiles.

Cyber attacks on a global scale increasingly continue to threaten critical infrastructures, information networks, and digital control systems that fundamentally support our national security and improve our quality of life. Right now, for any government the ability to respond appropriately to a cyber attack in a timely and effective manner has never been more important. 

Unlike traditional military attacks, a cyber attack can be launched instantaneously from any distance, with little obvious evidence of any build-up, unlike a traditional military operation and these attack can often be extremely hard to trace back with any certainty to its perpetrators, making retaliation much harder. Cyber warfare can enable actors to achieve their political and strategic goals without the need for armed conflict. Cyberspace gives disproportionate power to small and otherwise relatively insignificant actors. 

Operating behind false IP addresses, foreign servers and aliases, attackers can act with almost complete anonymity and relative impunity, at least in the short term. 

In cyberspace the boundaries are blurred between the military and the civilian, and between the physical and the virtual; and power can be exerted by states or non-state actors, or by proxy. Cyberspace should be viewed as the ‘fifth battlespace’, alongside the more traditional arenas of land, air, sea and space.

Cyber warfare is best understood as a new but not entirely separate component of this multifaceted conflict environment. 

Warlike actions in cyberspace are more likely to occur in conjunction with other forms of coercion and confrontation. However, the ways and means of cyber warfare remain undeniably distinct from these other modes of conflict. 
However there are similarities between the sea and cyberspace which suggest using maritime warfare theory to help us to begin understanding cyber warfare. 

Maritime warfare, specifically sea control, sea denial, and disputed sea control provide a foundation for understanding cyber warfare. 

Content and code moving in cyberspace have similar characteristics to forces moving from the sea, a fluidity of movement, omni–directional avenues of approach, and the necessity to make ‘shore’ (move to where the human and machines are) in order to be useable. Additionally, the ability to control or deny access, dispute control, and prevent the force 
The intertwining of cyberspace and human activity in the twenty–first century means cyberspace is a linchpin of society's collective life.

It illustrates our dependence on cyberspace for resources, as the primary medium for the spread of information, and decision making. 

The need to appreciate the complexity of cyberspace in peace and war will only increase as authorities drive consumers, employees, and the general populace to cyberspace for communication, work, shopping, banking, entertainment, and war fighting. 

The same methodology can be applied to the discussion here by relating Corbett’s observations on the maritime domain to cyberspace:

  • The normal state of cyberspace is uncontrolled; in conflict control is normally in dispute. 
  • The goal is control of cyberspace; this implies that control from making ‘shore’ for limited amounts of time (the fluidity of control) all speak to injecting the likeness of cyberspace into maritime theory as a way to comprehend the complexities of cyber warfare. 

The challenges of cyber warfare and its complexities extended into the world of politics, questioning deeply embedded assumptions about the primacy of the state, the authority of government and the role of government agencies and the armed forces as providers of national security. Just as nations attempt to deter rivals from attacking in conventional weapons, so countries are developing the concept of cyber deterrence to help to prevent digital attacks from occurring in the first place, by making the cost of the attack too high for any potential assailant. 

One way of doing that is securing and hardening their own computer systems so that is becomes very hard, and very expensive, for any attacker to find weaknesses. Some argue cyber war will never take place; others argue cyber war is taking place right now. Beyond the famous example of Stuxnet pure cyber war operations will remain extremely rare, but already the concept has become absorbed into the broader set of military options that exist, just like other new technologies, such as submarines and aircraft, in the past.

It's possible that cyber weapons may also become a more common feature of low intensity skirmishes between nations because they are capable of causing confusion and chaos but not too much damage. But it's unlikely that a war would ever be fought purely with digital weapons because they are too expensive and hard to control and of limited impact. That doesn't mean cyber warfare is irrelevant, rather that some kind of cyber warfare capability will be part of almost every military engagement from now on.

President Bill Clinton referred to cyber warfare when in 2001 when he said, “today, our critical systems, from power structures to air traffic control, are connected and run by computers” and that someone can sit at the same computer, hack into a computer system, and potentially paralyse a company, a city, or a government.”

  • In the spring of 2007, an unprecedented series of so-called distributed denial of service, or DDoS, attacks struck websites across Estonia, taking down the country’s online banking, digital news media, government sites, and practically anything else that had a web presence. The attacks were a response to the Estonian government’s decision to move a Soviet-era statue out of a central location in the capital city of Tallinn, angering the country’s Russian-speaking minority and triggering protests on the city’s streets and the web.
  • The world’s conception of cyber war changed forever in 2010. It started when VirusBlokAda, a security firm in Belarus, found a mysterious piece of malware that crashed the computers running its antivirus software. By September of that year, the security research community had come to the shocking conclusion that the specimen of malware, Stuxnet, was in fact the most sophisticated piece of code ever engineered for a cyber attack, and that it was specifically designed to destroy the centrifuges used in Iran’s nuclear enrichment facilities.

Governments are becoming increasingly aware that we are now reliant on computer systems to run everything from financial services to transport networks, and that an attack against these systems could be just as damaging as traditional military campaign using troops armed with guns and missiles.

Paul N Cornish / AcademiaWired:       ITPro:      ResearchGate:       ZDNet:     Kings College London:   Image: Unsplash

You Might Also Read:

Cyber Warfare, Intelligence & Malware:

 

« Google Threatens To Leave Australia
Bezos Resigns As Amazon CEO »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA)

Cyber Conflict Studies Association (CCSA) is a non-profit organization dedicated to leading a diversified research agenda in the field of cyber conflict.

Immersive

Immersive

Immersive unifies Cyber Drills, Exercises, Sims, Ranges, and Training into one single, adaptive platform. One Platform. Total Cyber Resilience.

National Cybersecurity Hub - South Africa

National Cybersecurity Hub - South Africa

The mission of the National Cybersecurity Hub is to be the central point of collaboration for cybersecurity incidents in South Africa.

Padlock

Padlock

Padlock is a trusted platform with an intimate knowledge of the cybersecurity industry that connects businesses with freelance professionals

Desec Security

Desec Security

Desec's training platform allows professionals around of the world to acquire knowledge and practical experience in Information Security.

Kickstart

Kickstart

Kickstart supports your startup in scaling deep technology businesses in Switzerland in areas such as AI, Blockchain and Cybersecurity.

Soliton

Soliton

Soliton is a leading Japanese technology company and a pioneer in IT security solutions for protecting company resources and data from external IT security threats.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

comforte AG

comforte AG

comforte AG is a leading provider of data-centric security technology. Organizations worldwide rely on our tokenization and format-preserving encryption capabilities to secure personal, sensitive data

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

SolidRun

SolidRun

SolidRun is a leading provider of computing and network technology designed to streamline the deployment of edge computing infrastructure and support embedded and IoT markets.

IDECSI

IDECSI

IDECSI delivers cutting-edge technology and engages all employees in the security system for effective and cost-efficient data protection.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MLSecOps Community

MLSecOps Community

The MLSecOps Community is a collaborative space for machine learning security experts and industry leaders to connect and shape the future of AI/ML security.

ACDS (Advanced Cyber Defence Systems)

ACDS (Advanced Cyber Defence Systems)

ACDS was founded in the belief that cyber security can be done better. We’re combining emerging technologies and proven methods to bring a new approach to tackling the growing threat landscape.

Emagine IT

Emagine IT

Emagine IT supports federal agencies and enterprises by leveraging a data-first approach to delivering cutting-edge IT, cybersecurity, and digital transformation services.